From f19766a3546309ee25e08692ddacfd10eff1e63a Mon Sep 17 00:00:00 2001
From: Pablo Santiago
Date: Sat, 9 Dec 2023 10:39:09 +0100
Subject: [PATCH] Get target blacklist dynamically for each validation

---
 src/backend/security/target_validator.py   | 13 +++---
 src/backend/tests/test_target_blacklist.py | 42 +++++++++++-----------
 2 files changed, 25 insertions(+), 30 deletions(-)

diff --git a/src/backend/security/target_validator.py b/src/backend/security/target_validator.py
index 4b7c5c659..35e0727cc 100644
--- a/src/backend/security/target_validator.py
+++ b/src/backend/security/target_validator.py
@@ -1,7 +1,7 @@
 import ipaddress
 import re
 from re import RegexFlag
-from typing import Any
+from typing import Any, List
 
 from django.core.validators import RegexValidator
 from django.forms import ValidationError
@@ -20,22 +20,17 @@ def __init__(
         self.code = code
         flags = None # Needed to prevent TypeError
         super().__init__(regex, message, code, inverse_match, flags)
-        try:
-            self.target_blacklist = TargetBlacklist.objects.all().values_list(
-                "target", flat=True
-            )
-        except: # pragma: no cover
-            self.target_blacklist = []
 
     def __call__(self, value: str | None) -> None:
         super().__call__(value)
-        if value in self.target_blacklist:
+        blacklist = TargetBlacklist.objects.all().values_list("target", flat=True)
+        if value in blacklist:
             raise ValidationError(
                 f"Target is disallowed by policy",
                 code=self.code,
                 params={"value": value},
             )
-        for denied_value in self.target_blacklist:
+        for denied_value in blacklist:
             try:
                 match = re.fullmatch(denied_value, value)
             except:
diff --git a/src/backend/tests/test_target_blacklist.py b/src/backend/tests/test_target_blacklist.py
index e155b69b2..3da479b92 100644
--- a/src/backend/tests/test_target_blacklist.py
+++ b/src/backend/tests/test_target_blacklist.py
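Review bot: `List` is added to the `typing` import on the `+from typing import Any, List` line, but nothing in the hunks of this patch uses it, and the file already relies on PEP 604 syntax (`str | None`), so a `list[str]` annotation would be the idiom if one is wanted. Either drop it back to `from typing import Any` or give the new local a concrete annotation such as `blacklist: list[str] = list(...)` so the import earns its place. The rest of the module is outside the hunk, so an existing use of `List` elsewhere cannot be ruled out from here.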
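Review bot: The denylist comparison introduced in `__call__` is case-sensitive on both paths — `if value in blacklist:` and the `re.fullmatch(denied_value, value)` in the loop — so a target submitted as `Rekono.COM` or `SubDomain.rekono.com` is not caught by an entry `rekono.com` unless the value is lowercased before the validator runs, which this hunk does not show; hostnames are case-insensitive, so the check should compare a normalised form, e.g. `blacklist = list(TargetBlacklist.objects.all().values_list("target", flat=True))`, `if value.lower() in (b.lower() for b in blacklist):` and `match = re.fullmatch(denied_value, value, re.IGNORECASE)`. Wrapping the queryset in `list(...)` also makes explicit that the `in` test and the `for` loop run one query rather than relying on QuerySet result caching, now that the lookup happens on every validation. The bare `except:` around `re.fullmatch` is unchanged here but deserves a follow-up: a malformed denylist pattern stored by an admin raises `re.error`, is swallowed, and that rule silently fails open, so narrowing it to `except re.error` and logging the offending entry would be safer. The body of `__call__` continues past the end of the hunk.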
@@ -66,27 +66,27 @@ class TargetBlacklistTest(ApiTest):
             data=target_blacklist3,
             expected={"id": 16, "default": False, **target_blacklist3},
         ),
-        # ApiTestCase(
-        #     ["admin1", "auditor1"],
-        #     "post",
-        #     400,
-        #     {"project": 1, "target": "rekono.com"},
-        #     endpoint="/api/targets/",
-        # ),
-        # ApiTestCase(
-        #     ["admin1", "auditor1"],
-        #     "post",
-        #     400,
-        #     {"project": 1, "target": "subdomain.rekono.com"},
-        #     endpoint="/api/targets/",
-        # ),
-        # ApiTestCase(
-        #     ["admin1", "auditor1"],
-        #     "post",
-        #     400,
-        #     {"project": 1, "target": "10.10.10.1"},
-        #     endpoint="/api/targets/",
-        # ),
+        ApiTestCase(
+            ["admin1", "auditor1"],
+            "post",
+            400,
+            {"project": 1, "target": "rekono.com"},
+            endpoint="/api/targets/",
+        ),
+        ApiTestCase(
+            ["admin1", "auditor1"],
+            "post",
+            400,
+            {"project": 1, "target": "subdomain.rekono.com"},
+            endpoint="/api/targets/",
+        ),
+        ApiTestCase(
+            ["admin1", "auditor1"],
+            "post",
+            400,
+            {"project": 1, "target": "10.10.10.1"},
+            endpoint="/api/targets/",
+        ),
         ApiTestCase(
             ["admin1", "admin2"],
             "put",
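Review bot: The three re-enabled cases only submit lower-case targets that exactly equal (or are plain subdomains of) the denied entries, so they do not pin down the two properties a denylist that now matches regexes per request depends on: case handling and full-match versus substring. Adding a case-variant such as `{"project": 1, "target": "Rekono.COM"}` with `400`, plus a near-miss like `rekono.com.attacker.tld` with whatever status the fixtures imply, would make a regression in either direction visible. The expected status for the near-miss depends on the blacklist fixtures (`target_blacklist3` and friends) defined above this hunk, which are not visible here. The enclosing list of test cases starts before and ends after the hunk.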